Project Description
SecurEntity™ is a .NET data protection library for Entity Framework. When combined with an on-premise web server and SQL Azure, SecurEntity offers you a killer combination:

  • Rapid application development, maintainability, and supportability benefits of Entity Framework
  • Easy provisioning, scale-up, scale-down, and OpEx pricing benefits of SQL Azure
  • Government-class data encryption and tamper resistance, backed by the security development expertise of JW Secure, Inc.

Benefits

  • Easy integration with Entity Framework "code first" based applications. Although a schema change is required, the code change is minimal and isolated from business logic.
  • String-type SQL columns are encrypted and never leave the application server in plaintext form. This exceeds the capability of the Cell-Level Encryption feature of MS SQL, which processes plaintext data within the DBMS.
  • All columns, regardless of data type (including POCO references), are automatically protected by a “row wide” cryptographic integrity check.
  • Compatibility with ASP.NET MVC, EF 4.x - 6.x, SQL Azure, and SQL Server 2008 R2 (hosted on-premise or in the cloud).
  • Permissive open-source licensing, in addition to a closed-source library option. Premium support is also available; contact sales@jwsecure.com.

Using SecurEntity

  1. Your Entity Framework data model entities must extend the SecurEntity abstract class. This adds a column to the schema for the purpose of storing encrypted keys and metadata.
  2. You must instantiate the provided DbContextHelper class at runtime and pass it a reference to your DbContext instance. This allows callbacks to be added for hashing and encryption on write and decryption and verification on read.
  3. You must configure a digital certificate on your application server with the following characteristics:
    • Installed in the user ("MY") certificate store
    • RSA-based
    • Has a friendly name of "SecurEntity"
    • Private key is archived for disaster recovery purposes

Technical How-To

Here's how to configure the encryption certificate:

  1. Run mmc.exe
  2. Select Certificates
  3. Click Add
  4. Select My user account
  5. Click Next. Click Finish. Click OK.
  6. Expand the left-hand tree until you see Certificates - Current User | Personal | Certificates
  7. Right-click on the certificate you want to use in the right-hand pane, select Properties
  8. In the Friendly name field, type: SecurEntity
  9. Click OK
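
To confirm the result from a script, the following added example (not part of SecurEntity or its documentation) checks the current user's store against the characteristics listed under "Using SecurEntity" and can optionally apply the friendly name, as steps 7-9 do. The function name Test-SecurEntityCertificate and its parameters are hypothetical, and how the library resolves more than one certificate with the same friendly name is not stated on this page.

```powershell
# Added example: verify the certificate requirements listed on this page.
# Test-SecurEntityCertificate is a hypothetical helper, not a SecurEntity API.
function Test-SecurEntityCertificate {
    param(
        [string]$FriendlyName = 'SecurEntity',  # friendly name required by the page
        [string]$Thumbprint                     # optional: certificate to label first
    )
    $store = 'Cert:\CurrentUser\My'             # the user ("MY") certificate store

    # Scripted form of steps 7-9: set the friendly name on the chosen certificate.
    if ($Thumbprint) {
        $target = Get-Item -Path "$store\$Thumbprint" -ErrorAction Stop
        $target.FriendlyName = $FriendlyName
    }

    $found = @(Get-ChildItem -Path $store |
               Where-Object { $_.FriendlyName -eq $FriendlyName })

    if ($found.Count -eq 0) {
        "No certificate with friendly name '$FriendlyName' found in $store"
    }
    if ($found.Count -gt 1) {
        # Assumption: the page does not say which one the library would use.
        "$($found.Count) certificates share the friendly name '$FriendlyName'"
    }

    foreach ($cert in $found) {
        # 1.2.840.113549.1.1.1 is the OID of an RSA public key.
        if ($cert.PublicKey.Oid.Value -ne '1.2.840.113549.1.1.1') {
            "$($cert.Thumbprint): public key is not RSA"
        }
        # Without the private key, existing rows cannot be decrypted on this server.
        if (-not $cert.HasPrivateKey) {
            "$($cert.Thumbprint): no private key is associated with this certificate"
        }
    }
    # Not checkable here: whether the private key has been archived for
    # disaster recovery. Confirm that backup separately.
}

# Collect findings; an empty result means every scripted check passed.
$issues = @(Test-SecurEntityCertificate)
if ($issues.Count -eq 0) { 'SecurEntity certificate checks passed' } else { $issues }
```

Run it as the account that hosts the application, since the store is per-user.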

Sample Data

The following screenshot shows several rows of SQL data from the sample Entity Framework and SecurEntity client project included in source control. Note that strings, including credit card numbers in this example, have been encrypted. The SecurEntity metadata ensure that all columns are protected from malicious modification.

[Image: SecurEntitySampleTable]

Last edited Jan 31 at 6:45 PM by dangriffin, version 17